Jump to content

Recommended Posts

Posted

hxxps://animedao.com/

Click on one of the anime series, and I get two false positives detection for video players implemented on the site.

Screenshot_2.jpg.6bb9914753f022fe704a583eead012a0.jpg

Screenshot_3.jpg.db99c54d4437fe056ed80b868d14849e.jpg

 

  • Most Valued Members
Posted

Did you try using an adblocker?

Posted

Actually, it's not detecting the video player as malicious but rather a malicious javascript that the site is loading. My Firefox has uMatrix installed that blocks third party scripts loading so I don't see this warning from Eset and the video plays fine but in Microsoft Edge, I only have an adblocker but not uMatrix and there Eset is showing that it has detected and removed the script. So, not a false positive I think, rather a unsafe javascript.

  • Most Valued Members
Posted
1 hour ago, SeriousHoax said:

Actually, it's not detecting the video player as malicious but rather a malicious javascript that the site is loading. My Firefox has uMatrix installed that blocks third party scripts loading so I don't see this warning from Eset and the video plays fine but in Microsoft Edge, I only have an adblocker but not uMatrix and there Eset is showing that it has detected and removed the script. So, not a false positive I think, rather a unsafe javascript.

With the uMatrix statement that you have said , means that when uMatrix is blocking JS then ESET detects nothing because there are no JS being loaded , while you go to Edge and have JS loaded , then ESET blocks JS script from loading.

I believe that the website may have malicious codes.

Posted
3 hours ago, Rami said:

With the uMatrix statement that you have said , means that when uMatrix is blocking JS then ESET detects nothing because there are no JS being loaded , while you go to Edge and have JS loaded , then ESET blocks JS script from loading.

I believe that the website may have malicious codes.

Yes, that's right.

  • Most Valued Members
Posted
4 minutes ago, SeriousHoax said:

Yes, that's right.

These websites tend to have lot of advertising , while their ads might contain some kind of JS loads , even if the website is safe , it might be malicious ads' servers , or might be the website is hijacked.

Keep your uMatrix , it's good ;)

Posted
8 minutes ago, Rami said:

These websites tend to have lot of advertising , while their ads might contain some kind of JS loads , even if the website is safe , it might be malicious ads' servers , or might be the website is hijacked.

Keep your uMatrix , it's good ;)

Yes, it seems a lot of threats spread through JS nowadays. So, something like uMatrix/Nocript/uBlock Origin in medium mode is another added layer of protection. So for me, uBlock Origin with a good amount of filters, uMatrix and there's also Eset of course 😎

Posted
14 hours ago, Rami said:

Did you try using an adblocker?

 

11 hours ago, SeriousHoax said:

Actually, it's not detecting the video player as malicious but rather a malicious javascript that the site is loading. My Firefox has uMatrix installed that blocks third party scripts loading so I don't see this warning from Eset and the video plays fine but in Microsoft Edge, I only have an adblocker but not uMatrix and there Eset is showing that it has detected and removed the script. So, not a false positive I think, rather a unsafe javascript.

I have Ublock Origin in medium mode and latest filters update, but ESET still detect them.

Posted
37 minutes ago, Mr.Wong said:

I have Ublock Origin in medium mode and latest filters update, but ESET still detect them.

Ublock won't detect this stuff unless you enable JavaScript blocking. This is turn will break most web sites you access.

Eset's protection alone is adequate to protect you against web site Javascript malware.

Posted
On 6/30/2019 at 6:54 PM, itman said:

Ublock won't detect this stuff unless you enable JavaScript blocking. This is turn will break most web sites you access.

Eset's protection alone is adequate to protect you against web site Javascript malware.

Should I enable these two video players on the site or no? 

Posted
38 minutes ago, Mr.Wong said:

Should I enable these two video players on the site or no? 

No. At this point, it is not known if the Eset's alerts are legitimate or not.

Open Eset GUI. Select Tools. Then refer to the below screen shot to report what you beleive is a false positive detection for the web site:

Eset_FP.thumb.png.88b2fc2a136a23f2d33a3fd5000908c7.png

  • Administrators
Posted

JS/Adware.AA is a correct detection. If you want to contact ESET's security research lab, email samples[at]eset.com if you would like to get a response. However, in this case it's not needed since a reply would be same.

Posted
On 7/2/2019 at 2:24 PM, Marcos said:

JS/Adware.AA is a correct detection. If you want to contact ESET's security research lab, email samples[at]eset.com if you would like to get a response. However, in this case it's not needed since a reply would be same.

So the second picture detection is correct, and what about the first picture detection? Is it a false positive?

  • Administrators
Posted
9 minutes ago, Mr.Wong said:

So the second picture detection is correct, and what about the first picture detection? Is it a false positive?

It's correct too. Both detections seem to be related to aggressive ads.

  • Most Valued Members
Posted
On 6/30/2019 at 11:54 PM, itman said:

Ublock won't detect this stuff unless you enable JavaScript blocking. This is turn will break most web sites you access.

Eset's protection alone is adequate to protect you against web site Javascript malware.

 

On 7/2/2019 at 6:09 PM, Mr.Wong said:

Should I enable these two video players on the site or no? 

I dont use ublock so not sure how it works but can you disable javascript for specfic sites only e.g. for this video site that way it wouldnt be trying to load it as an extra precaution or could this possibly disable the player?

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...